Lucene search
K

3344 matches found

CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Microsoft Office LTSC 2024 缓冲区错误漏洞

Microsoft Office is a suite of office software products developed by Microsoft Corporation in the United States. Common components of this product include Word, Excel, Access, PowerPoint, and FrontPage. There are security vulnerabilities in Microsoft Office. Attackers can exploit these...

8.4CVSS5.8AI score0.00333EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Microsoft Nuance PowerScribe 360 反序列化漏洞

Microsoft Nuance PowerScribe is a medical speech recognition and report generation system for radiologists developed by Microsoft. There are code-related vulnerabilities in Microsoft Nuance PowerScribe. Attackers can exploit these vulnerabilities to execute code remotely. The following products a...

9.8CVSS5.8AI score0.01914EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.17 views

PT-2026-47829

Name of the Vulnerable Software and Affected Versions OpenSSL affected versions not specified Description An integer truncation in the ASN.1 decoder occurs when parsing a crafted DER-encoded ASN.1 structure with a primitive element exceeding 2 gigabytes in length. This issue specifically affects...

9.1CVSS5.6AI score0.00513EPSS
Exploits0References140
OSV
OSV
added 2026/06/08 4:44 p.m.11 views

MINI-8X62-MV2M-GWM8

Bulletin has no description...

9.1CVSS5.2AI score0.00466EPSS
Exploits0
NVD
NVD
added 2026/06/08 4:16 p.m.17 views

CVE-2026-34355

A buffer overflow in modproxyhtml in Apache HTTP Server 2.4.67 and earlier allows an attack by an untrusted backend. Users are recommended to upgrade to version 2.4.68, which fixes this issue...

7.5CVSS0.00805EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2026/06/08 3:14 p.m.13 views

CVE-2026-42535

A path handling issue in moddavfs in Apache 2.4.67 and earlier allows a WebDAV content author to directly manipulate trusted DAV property databases, potentially causing child process crashes. Users are recommended to upgrade to version 2.4.68, which fixes this issue...

9.1CVSS5.4AI score0.00538EPSS
Exploits0
OSV
OSV
added 2026/06/08 10:17 a.m.6 views

SUSE-SU-2026:2298-1 Security update for python311

This update for python311 fixes the following issues: - CVE-2026-3446: Base64 decoding stops at first padded quad by default bsc1261970...

6CVSS5.5AI score0.00188EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.23 views

PT-2026-47313

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions 2.4.0 through 2.4.67 Description A Use After Free issue exists in Apache HTTP Server when using mod ldap in per-directory configuration. Use After Free occurs when an application continues to use a pointer after it...

9.8CVSS5.6AI score0.8377EPSS
Exploits10References135
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.16 views

SUSE SLES16 Security Update : kernel (SUSE-SU-2026:21845-1)

The remote SUSE Linux SLES16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21845-1 advisory. The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-2058:...

9.8CVSS7AI score0.0138EPSS
Exploits19References659
OSV
OSV
added 2026/06/05 11:18 a.m.11 views

MINI-XW47-FF69-2R63

Bulletin has no description...

9.1CVSS5.1AI score0.00487EPSS
Exploits0
OSV
OSV
added 2026/06/05 3:54 a.m.5 views

MINI-C64M-8984-6575

Bulletin has no description...

7.5CVSS5.7AI score0.00359EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/04 4:1 p.m.14 views

CVE-2026-36612

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 enables WPS 2.0 by default with a weak lockout policy 60-second lockout after 10 attempts...

6.4CVSS5.8AI score0.00139EPSS
Exploits0References1
OSV
OSV
added 2026/06/04 12:21 p.m.11 views

MINI-XC2R-7V63-J4CX

Bulletin has no description...

6.1CVSS5.7AI score0.00188EPSS
Exploits0
OSV
OSV
added 2026/06/04 9:35 a.m.9 views

MINI-22CM-JR63-CG4R

Bulletin has no description...

5.3CVSS6.7AI score0.00502EPSS
Exploits0
NVD
NVD
added 2026/06/03 6:16 p.m.15 views

CVE-2026-36612

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 enables WPS 2.0 by default with a weak lockout policy 60-second lockout after 10 attempts...

6.4CVSS0.00139EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/03 12:0 a.m.40 views

CVE-2026-36610

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 transmits DDNS credentials over plaintext HTTP with only Base64 encoding. The firmware contains no TLS implementation, allowing man-in-the-middle interception of DDNS service credentials...

0.00147EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.7 views

CVE-2026-36612

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 enables WPS 2.0 by default with a weak lockout policy 60-second lockout after 10 attempts...

5.8AI score0.00139EPSS
Exploits0References2
CVE
CVE
added 2026/06/02 2:30 a.m.27 views

CVE-2026-10581

CVE-2026-10581 affects DedeCMS 5.7.88. The vulnerability lies in the function base64_decode in /plus/download.php?open=1, where manipulation of the Link argument triggers a server-side request forgery (SSRF). Remote exploitation is possible, and the exploit has been published. The available docum...

6.5CVSS6.3AI score0.00201EPSS
Exploits0References4
OSV
OSV
added 2026/06/01 8:0 a.m.9 views

MAL-2026-5154 Malicious code in @customer-threesixty/assets (npm)

Dependency confusion attack campaign targeting Scandinavian telecommunications and digital services organizations Telenor, Ownit, Vimla, and Customer 360 / C360. Four packages published by the debating0166 npm account use inflated version numbers 99.0.x to win npm registry resolution over private...

5.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.26 views

PT-2026-45355

Privilege chaining issue exists in ServerView Agents for Windows V11.60.04 and earlier. If this vulnerability is exploited, a local authenticated attacker who can log in to the server where the affected product is installed may obtain SYSTEM privilege...

8.5CVSS7.1AI score0.00097EPSS
Exploits0References3
Rows per page
Query Builder